Study Says Data Breaches Often Caused By Configuration Error

Study Says Data Breaches Often Caused By Configuration Error

23rd Aug 12:01

Hackers are increasingly exploiting configuration errors and faulty application code -- not the kind of software holes that get vendor patches -- to steal information from computer systems, according to a new study by Verizon Communications Inc.

The "2010 Data Breach Investigations Report" covers 141 cases investigated either by Verizon or the U.S. Secret Service last year.

The researchers said one surprising trend was the continued decline in attacks that exploit software vulnerabilities like holes in operating systems.

In 2009, there was not a "single confirmed intrusion that exploited a patchable vulnerability," the report said. The hacking cases involved "SQL injection, stolen credentials, back doors and the like" -- problems not fixed by vendor patches.

Verizon suggested that patching regimens, while important, may be overemphasized. "We've observed companies that were hell-bent on getting Patch X deployed by week's end but hadn't even glanced at their log files in months," the report said.

Of course IT shops should apply vendor patches, but instead of focusing on the "raw speed" of patching, the report said, IT professionals would be better off applying some of that energy to code review and configuration management.

This version of this story was originally published in Computerworld's print edition. It was adapted from an earlier version that first appeared on Computerworld.com.